Hi, Here's the summary of the previous IRC meeting.
--- COMMUNITY MEETING Place: #openvpn-devel on irc.freenode.net List-Post: openvpn-devel@lists.sourceforge.net Date: Thursday 8th Dec 2011 Time: 18:00 UTC Planned meeting topics for this meeting were on this page: <https://community.openvpn.net/openvpn/wiki/Topics-2011-12-08> Next meeting will be announced in advance, but will probably be on the same weekday and at the same time. Your local meeting time is easy to check from services such as <http://www.timeanddate.com/worldclock> or with $ date -u SUMMARY cron2, dazo, ecrist, krzie and mattock participated in this meeting. -- Discussed the OpenVPN 2.2.2 release. Decided to have all blockers taken care of by next Thursday: 1) Cannot access Syspro 6.0 Server with 2.2RC or 2.2.0 <https://community.openvpn.net/openvpn/ticket/126> Although this bug should be gone now, verification is needed. Mattock asked all bug report commenters to test a fixed OpenVPN version. One of them responded already, but hasn't yet tested the new version. 2) No client-to-client in server config, but also can ping other client which logined vpn <https://community.openvpn.net/openvpn/ticket/154> Agreed that this is a configuration mistake. 3) IPv6 errors on server side <https://community.openvpn.net/openvpn/ticket/147> Dazo will provide a quick fix for this bug (write a sensible, one-time warning message). 4) openvpn-2.2.1-install.exe contains unsigned openvpn-gui-1.0.3.exe <https://community.openvpn.net/openvpn/ticket/171> Mattock will fix this. 5) pkcs11 support is missing in openvpn 2.2.0 for windows <https://community.openvpn.net/openvpn/ticket/145> Mattock will fix this. 6) "Password save support missing in OpenVPN 2.2.1 Debian/Ubuntu packages" <https://community.openvpn.net/openvpn/ticket/182> Mattock will fix this issue. -- Discussed the OpenVPN 2.3 alpha release. Decided to have all blockers taken care of by late January. The following should be ready by then: 1) New connectivity test server - provided by ecrist, thanks! - configured by mattock 2) Connectivity test integration in buildslaves - mattock: Linux buildslaves - cron2: *BSD buildslaves - ecrist: MacOS X buildslave 3) Fedora/CentOS packages missing <https://community.openvpn.net/openvpn/ticket/151> CentOS 6 RPM packages are ready, so adding Fedora packages is trivial. Mattock will have those (along with yum repos) ready by 2.3 alpha. Noted that while stable OpenVPN releases usually end up in rpmforge and EPEL repositories quite quickly, various snapshot and alpha/beta versions will still prove useful. 4) Various Visual Studio build fixes <http://thread.gmane.org/gmane.network.openvpn.devel/5156> <http://thread.gmane.org/gmane.network.openvpn.devel/5178> <http://thread.gmane.org/gmane.network.openvpn.devel/5179> David will take care of these. 5) Unicode fixes <http://thread.gmane.org/gmane.network.openvpn.devel/5111> <http://thread.gmane.org/gmane.network.openvpn.devel/5112> Will try to include these in 2.3 alpha, but if necessary, postpone to a later release. 6) WinXP: route setup broken after standby <https://community.openvpn.net/openvpn/ticket/56> Agreed that we should not postpone the 2.3 alpha release because of this. 7) openvpnserv.exe does not exit even if there are no openvpn.exe processes <https://community.openvpn.net/openvpn/ticket/110> For this a volunteer is needed. James did not volunteer due to lack of time. 8) push-reset should not reset topology and route-gateway from global config <https://community.openvpn.net/openvpn/ticket/29> This look like material for the "great configuration option parser rewrite project, which needs to be done really carefully. Decided to postpone fixing this until after 2.3. -- Discussed the VLAN tagging patchset that surfaced again recently: <http://thread.gmane.org/gmane.network.openvpn.devel/5184> Agreed that postponing this to a post 2.3 release is acceptable. --- Full chatlog as an attachment -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock
mattock 20:03:57 krzie: lo, excellent catch who's here? 20:04:06 krzie 20:04:36 o/ cron2 not 20:04 mattock 20:05:34 dazo? while waiting, I'll add some tickets for myself to trac 20:06:01 dazo 20:06:15 yeah? mattock 20:09:10 meeting? 18:09 UTC 20:09:21 https://community.openvpn.net/openvpn/wiki/Topics-2011-12-08 20:09:34 vpnHelper 20:09:35 Title: Topics-2011-12-08 â OpenVPN Community (at community.openvpn.net) mattock 20:09:57 as suggested by cron2, a quick review of 2.2.2 / 2.3 alpha release status cron2 20:09:59 but mattock said he wouldn't be here... mattock 20:10:28 I'm his evil twin brother you can trust me 20:10:33 cron2 20:12:32 ok: 2.2.2 what's missing? 20:12:47 mattock 20:12:53 there was this one bug in the TAP-driver cron2 20:13:13 that one has been fixed dazo pokes at the open bugs 20:13 mattock 20:13:41 https://community.openvpn.net/openvpn/ticket/126 vpnHelper 20:13:42 Title: #126 (Cannot access Syspro 6.0 Server with 2.2RC or 2.2.0) â OpenVPN Community (at community.openvpn.net) cron2 20:13:46 mattock has posted the fixed windows builds, but no response yet mattock 20:14:07 maybe I'll invade the guy's privacy and mail him directly dazo 20:14:10 #126 should be covered by cron2's fix ... I believe/hope cron2 20:14:11 yeah dazo 20:14:45 #154 is believe is a misconfiguration and three weeks without any response after asking for configs/logs means it will not be 2.2.2 any more 20:15:17 cron2 20:15:28 +1 dazo 20:15:48 #147 IPv6 errors on server side .... cron2? had a chance to look at that? "Wed Jun 29 22:12:51 2011 username/1.2.3.4:56990 Need IPv6 code in mroute_extract_addr_from_packet" 20:15:56 cron2 20:16:03 unfortunately not yet dazo 20:16:10 Should we just whack that warning? cron2 20:16:46 that was your plan - change that warning into something sensible, and print it only once dazo 20:17:05 well, but I'm thinking ... do we really need it? but print once is an alternative 20:17:13 mattock: ticket #145 is yours ... anything you need to do that before wrapping up 2.2.2? 20:18:18 Does that require code changes? 20:18:32 mattock 20:18:41 hmm, lemme check dazo 20:18:57 and ticket #171 is also on mattock .... signed openvpn GUI ... mattock 20:19:43 #145: need to take a closer look #171 is James' stuff 20:19:50 actually #171 I can easily fix 20:20:03 dazo 20:20:06 I can put together a quick fix for #147 ... and I propose to postpone #127 "Updated manpage for --rport and --lport" to a later release, not that important mattock 20:20:08 if 2.1.4 had a signed GUI dazo 20:20:21 I dunno what 2.1.4 had .... mattock 20:20:58 it says so on the ticket cron2 20:21:02 dazo: ok on #127 dazo 20:22:18 so, lets aim to have all these things sorted out for next Thursday? Then I'll tag the tree, create some tar balls ... and we can start the release machinery? mattock 20:22:30 good plan the pkcs11 bug will take some time, my other stuff is trivial 20:23:03 ok, then 2.3 20:23:12 cron2 20:23:17 dazo: +1 dazo 20:24:02 So summary ... mattock: #145 and #171, dazo: #147, postpone #127, ignore #154 #126 -> move to fixed 20:24:08 ecrist 20:24:08 do we have a projected release date for 2.3? mattock 20:24:28 late January? cron2 20:24:39 that was the plan ecrist 20:24:42 does jjk get in here often? dazo 20:24:44 yeah, something like that mattock 20:24:46 I'll add some of my privately-created 2.3 tasks to trac dazo 20:25:02 ecrist: not so much lately ... mostly when he needs some quick answers ecrist 20:25:03 for BSDCan next spring, I'm looking to do an OpenVPN workshop dazo 20:25:14 when is that? ecrist 20:25:25 I'd *like* to have full IPv6 support and some ideas from you guys for the workshop dazo: it's in Ottawa, usually first week of May. 20:25:44 cron2 20:25:53 ecrist: I'll do all I can to help with IPv6 ecrist 20:26:23 sweet mattock 20:26:54 ecrist: do I still have the new public test server available? dazo 20:27:04 that would be a great target for late beta release or an RC cron2 20:27:26 indeed dazo: btw, what about froscon? any decision yet? 20:27:36 ecrist 20:28:20 mattock, you talking my vm? mattock 20:28:26 yep dazo 20:28:32 ahh, let me check the prices again .... if decent, I'm basically going ecrist 20:28:34 I don't plan on taking it away, I just need to actually set it up cron2 20:28:46 dazo: muc-bru ~150 EUR if booking now mattock 20:28:57 I'm planning on setting the public test server up before 2.3 alpha ecrist 20:28:59 I have some people that owe me some favors, going to call them in and try to purchase some 'real' hardware for an ESXi host I need about $4k US though 20:29:08 dazo 20:30:45 cron2: yeah ... I'm looking at some decent offers hotel+flight ... and I might get my wife with me, seems to just add the costs < â¬20 (she declines to join the conference, but she will do sightseeing 20:31:07 cron2 20:31:08 mattock: oh yeah, that. test server, t_client tests. These are important to have before 2.3 beta there's lots of stuff to see in brussels, indeed 20:31:23 mattock 20:31:33 I'm in ok, mailed the people who commented on #126 20:32:46 ecrist 20:33:36 we should have an OpenVPN dev summit at some point. if anything, for a beer meeting 20:33:42 I don't even care where it is. 20:33:46 of course, OpenVPN Tech should pay for it all. 20:34:13 krzie 20:35:02 lol dazo 20:35:32 heh mattock 20:35:56 I'd like to see that, too anyways, besides various support stuff (e.g. buildslaves), is there code missing from 2.3 alpha? 20:37:02 dazo 20:37:22 Today we actually got a feedback on feat_vlan_tagging branch a guy provided a feature addition to that patch ... and claims this branch works very well for him 20:37:45 cron2 20:37:46 \o/ dazo 20:37:55 so I'm wondering, should we pull that in now? vpnHelper 20:37:58 RSS Update - tickets: #182: Password save support missing in OpenVPN 2.2.1 Debian/Ubuntu packages <https://community.openvpn.net/openvpn/ticket/182> cron2 20:38:01 I'd still put that up to 2.4 - it's fairly intrusive, and interest has been low dazo 20:38:13 yeah, I that's what I'm thinking I just wanted to be sure I wasn't the grumpy gatekeeper 20:38:29 cron2 20:38:57 no, for grumpyness we have ecrist dazo 20:39:02 lol Even though VLAN isn't so much asked for now ... I expect that will come sooner or later, after all VLAN able switches is getting fairly affordable these days 20:39:32 mattock 20:43:28 trac more or less up-to-date vpnHelper 20:43:31 RSS Update - tickets: #151: Fedora packages missing <https://community.openvpn.net/openvpn/ticket/151> dazo 20:43:53 mattock: #182 is not something we can do anything ... that's the debian package maintainer which needs to add --enable-password-save when building openvpn mattock 20:44:08 wrong, those are _my_ packages cron2 20:44:19 dazo: are you sure basename() implementations are permitted to modify their arguments? now *dirname* I an see, but basename? dazo 20:44:24 ahh, okay ... not the official packages mattock 20:44:30 all the package maintainers in the world seem to lag behind a lot SLES is the worst... 20:44:39 2.0.9 in official repos 20:44:46 cron2 20:44:51 ouch mattock 20:44:57 that's just ridiculous cron2 20:44:59 care to give them a kick? dazo 20:45:00 cron2: the current implementation is basically copy-paste from glibc cron2 20:45:11 dazo: yeah, and it does not modify the string mattock 20:45:23 well, "enterprise" distro and all opensuse has pretty decent support (2.2.0) 20:45:35 so it'll end up in SLES within next few years 20:45:45 cron2 20:45:57 so what does RHEL ship? mattock 20:46:21 hmm, I'll check dazo 20:46:27 2.1.4, I believe ... but for RHEL, you also have EPEL - which is kind of Fedora packages for RHEL, where you get a fresher version 20:46:52 for RHEL4 to RHEL6 to be updated, it must be through a paying customer request ... as RH needs to support that 20:47:48 which is probably why SLES got such an old version too ... no customer required anything newer 20:48:08 but also depends on SLES version 20:48:20 (Enterprise Linux is a completely different league when it comes to package management compared to community based distributions) 20:49:07 mattock 20:50:19 RHEL does not seem to have any openvpn in standard repos... rpmforge repo has 2.2.0 20:51:22 and we actually got our 2.2.1 RPM packages already 20:51:34 dazo 20:51:57 mattock: you seem to be right ... last internal RHEL build of openvpn was 2.1.0 ... which was back in nov 2009 ... they probably skipped it mattock 20:52:05 I just need to setup the repos in a coherent fashion but we should be in good shape for testing by 2.3 alpha 20:52:52 dazo 20:53:21 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4410/openvpn-2.2.1-1.el6 (RHEL6) EPEL, that is 20:53:35 mattock 20:53:41 ah, those guys are quick well, they probably won't be providing snapshot releases, so my work is probably useful anyways 20:53:56 and I'll borrow their spec files, so it's a win-win 20:54:06 dazo 20:54:34 RHEL5 and RHEL4 in EPEL is 2.1.4 mattock 20:55:10 so, is some functionality/fix that's missing from 2.3 alpha? something we need to do, besides my buildslave/test server/packaging/repo stuff? 20:55:27 dazo 20:56:01 We just need those last changes I've been messing around with today (to be able to build cleanly on Windows) then d12fk got some unicode fixes ... but that can probably go into a later alpha/beta release 20:56:22 mattock 20:56:46 ok, excellent! Disconnessi 20:56 Argomento impostato a: OpenVPN developers channel | For configuration and user support, please go to #openvpn | See !git, !snapshots or !meetings for more info 20:57 Connessi 20:57 dazo 20:57:41 heh mattock 20:57:43 hmm cron2 20:58:53 oh, there was something for 2.3 MacOS X buildslave + testing 20:59:01 volunteers? 20:59:11 mattock 20:59:23 not me, don't got any recent version of OSX and buildslaves are pouring out of my ears already 20:59:46 ecrist, krzie? 21:00:05 oh, and the tunnelblick people can help with the testing part 21:00:20 I promised to inform the tunnelblick dev when 2.3 alpha is about to be release 21:00:52 cron2 21:01:34 cool mattock 21:03:23 so, 2.2.2 outstanding issues fixed by next Thursday, 2.3 out in late January? dazo 21:03:32 we have some nasty issues for 2.3, which I doubt anyone have looked much into ... #56, #110, #18, #29, #128 ... I'm owning a couple of them as well mattock 21:04:09 are all set to milestone beta 2.3? krzie 21:04:24 my version isnt recent, running 10.6, but i can build and run a config if ya like dazo 21:04:46 mattock: beta 2.3 or release 2.3 mattock 21:05:30 not sure, just wanted to make sure they got some milestone so they don't get lost it seems #56 is one of these long-standing bugs 21:08:11 dazo 21:08:23 yeah mattock 21:09:29 I don't think we should postpone 2.3 because of https://community.openvpn.net/openvpn/ticket/56 ... I don't see a fix coming anytime soon vpnHelper 21:09:32 Title: #56 (WinXP: route setup broken after standby) â OpenVPN Community (at community.openvpn.net) dazo 21:09:58 mattock: any chance we can get james to dig into that one? mattock 21:10:16 well, we can try, but I would not hold my breath cron2 21:10:23 wasn't jjk investigating? or d12fk, or both? dazo 21:10:28 yeah, I think they were 21:10:31 mattock 21:10:34 I think so too I'll check the linked IRC meeting chatlog quickly 21:10:44 oops, wrong ticket 21:11:07 for this we need a volunteer: https://community.openvpn.net/openvpn/ticket/110 21:13:35 vpnHelper 21:13:37 Title: #110 (openvpnserv.exe does not exit even if there are no openvpn.exe processes) â OpenVPN Community (at community.openvpn.net) mattock 21:13:40 I can mail James and ask I recall he was in that meeting, too 21:13:47 dazo 21:13:59 cron2: reg. basename() ... I copied the code directly from strings/basename.c from the glibc 2.14.1 tag ... but I see I did a mistake in compat.h it should be const char * in .h too 21:14:18 (in compat.c, its correct) 21:14:52 this is the GNU version of basename() which does not change the argument .... POSIX implementations may choose to do so 21:15:29 cron2 21:20:21 why would any want to do so? it seriously messes up our code 21:20:27 mmh 21:20:57 netbsd's manpage says something different again 21:21:09 The basename() function returns a pointer to static storage that may be 21:21:14 overwritten by subsequent calls to basename(). This is not strictly a 21:21:17 bug; it is explicitly allowed by IEEE Std 1003.1-2001 (``POSIX.1''). 21:21:20 dazo: do you have a copy of POSIX.1 around? 21:21:29 dazo 21:21:32 yeah ... nope 21:21:34 that's the challenge with these POSIX infected functions ... which is why I wanted initially to have "our own" basename() and dirname() which would be predictable 21:22:28 mattock 21:22:48 mailed james regarding the windows service dazo 21:23:16 sometimes you wonder what those POSIX people where smoking when they agreed upon things ... cron2 21:23:45 the basename() man page talks about "implementation of these function*s* modify their arguments" ... because the same manpage is for basename() and dirname() 21:24:04 dazo 21:24:15 yeah cron2 21:25:15 ah mattock 21:25:16 this look like material for the "great configuration option parser rewrite project": https://community.openvpn.net/openvpn/ticket/29 vpnHelper 21:25:18 Title: #29 (push-reset should not reset topology and route-gateway from global config) â OpenVPN Community (at community.openvpn.net) cron2 21:25:30 I see the issue now, our current code never used "system-basename()" befor dazo 21:25:41 exactly mattock: #29 is scaring me 21:26:12 mattock 21:26:25 how so? dazo 21:27:19 it needs to be carefully checked ... because the option parser is extremely generic, and reused in amazingly many ways ... command line, config files, push arguments are the obvious ones, but I've spotted a few other places too, which I don't recall exactly now mattock 21:30:25 move #29 to 2.4? dazo 21:30:33 Yeah, I'd probably say so mattock 21:31:06 moved dazo 21:31:12 I'm actually torn if we should consider a complete rewrite of the option parser ... to make it more obvious how and where it works today parser is brilliant in functionality ... but playing with the code is hazardous 21:31:53 (and today's parser works very well too!) 21:32:13 cron2 21:34:06 a rewrite is definitely not a 2.3 thing dazo 21:34:41 nope mattock 21:38:56 hmm, if there's nothing else, let's call this a day I think we got covered what we needed 21:39:01 cron2 21:39:12 yep good night everybody 21:39:19 mattock 21:39:20 and I'd say get 2.3 alpha out by end of January unless there are real blockers cron2 goes watching TV now 21:39 mattock 21:39:33 "time well spent" dazo 21:41:15 ack! mattock 21:41:35 summary tomorrow as usual good night, io vado a cenare 21:41:48 dinner 21:41:51 L'utente krzee si è disconnesso (Quit: This computer has gone to sleep) 21:44 ecrist 21:46:41 mattock: try to get the tunnel blick folks to start using the dev snapshots those are built every week 21:46:47 also, I have an OS X box we can probably use for a buildslave 21:48:51 it's a Mac Mini my son uses 21:49:02 mattock 22:05:49 ecrist: that'd be nice! the buildslave especially
